Trojan targeting Mac OS X

Apple Mac OS X users could be at risk from a new Trojan, according to security vendor SecureMac.

The Trojan, which has been detected on a hacker site and may be circulating on iChat and Limewire, appears as an AppleScript called Asthtv05 or as an application bundle called Astht_v06. If a user downloads and opens the files, it then provides remote access to the system, transmitting system and user passwords, logging keystrokes, taking screenshots, turning on file sharing and and even taking pictures with Mac's built it camera.

The Trojan targets OS X 10.4 and 10.5 operating systems, by exploiting a vulnerability in the Apple Remote Desktop Agent.

SecureMac advises using its MacScan 2.5.2 product to detect the spyware, and to avoid downloading and opening files from non-trusted sources.

In other Apple security news, Apple has fixed a flaw in the Windows version of its Safari browser.

The flaw enabled automatic downloading and execute files without the users permission. Apple has released patch for the problem as part of a security update, which will get user permission before downloading applications to the desktop.

The patch, part of a security update issued by Apple on Thursday, changed Safari so it would first seek permission from a user before downloading an application from a Web site to the desktop